
Daylight Security: Auth for Enterprise B2B and MCP


Daylight Security is a security services company delivering Managed Agentic Security Services (MASS), including MDR, threat hunting, incident response, and more, through a fundamentally different architecture and operating model. They unify an AI-native platform with top security experts from IR and threat hunting backgrounds, not analysts. Their platform runs the full cycle from detection to response with full identity and business context across systems, with experts validating decisions and feeding insights back into the platform so it continuously learns their customers’ environments. Here’s how Descope helped power their auth infrastructure for B2B customers and customer-facing MCP servers.


About Daylight Security

Daylight Security was founded in late 2024 by Hagai Shapira and Eldad Rudich, cybersecurity veterans from Torq's founding team. Daylight delivers agentic security services like MDR, threat hunting, incident response and more through a fundamentally different architecture. The architecture combines an agentic platform that runs the full cycle from detection to response with security experts from IR and threat hunting backgrounds. Experts validate decisions and feed insights back, so the platform continuously learns each customer's environment. The result: security teams move from firefighting to strategic work.

The company has raised $40 million in total funding as of late 2025, including a $33 million Series A led by Craft Ventures with participation from Bain Capital Ventures. Daylight serves customers across the U.S. and Europe, including Sixt, Qualtrics, and Lovable.

The authentication challenge

Daylight Security’s lean engineering team is composed of capable full-stack developers who handle everything from infrastructure to AI integration. Thanks to their founding team’s prior cybersecurity experience, they knew that rolling their own auth in-house would be an uphill battle. They began vetting potential external providers, but the more traditional options didn’t meet their team’s pricing or flexibility expectations.

Meanwhile, Daylight Security needed to handle two distinct auth scenarios:

  • Enterprise B2B, which called for robust multi-tenancy capabilities, single sign-on (SSO), and audit logging. Daylight Security looked to move upmarket from day one, which meant enterprise readiness was a must.

  • A customer-facing MCP server, which would initially serve as a natural-language resource for accessing Daylight Security documentation on behalf of their end-customers (i.e., security teams and administrators).

The MCP server began as a traditional LLM-powered resource, capable of resolving customer troubleshooting scenarios. Daylight Security also planned to expand their MCP server to enable queries about real-time audit data, answering questions like “Why was this login denied?” To achieve this, the server needed to enforce role-based scoping that could authorize different permission levels across tenants.

Alon Gluzman, Senior Platform Engineer at Daylight Security, said:

“We evaluated a few providers before landing on Descope. What mattered was finding something that wouldn’t slow us down. We’re an agile team shipping constantly, and auth can’t be a bottleneck when you’re aiming for rapid growth.”

The Descope experience

Because of their natural engineering rigor, Daylight Security ran a self-directed POC before committing to the Descope Startup Program. As they scaled up and transitioned to a more expansive plan, the implementation was largely self-sufficient. When their team did reach out for assistance from Descope, the response was quick and comprehensive.

Descope provided the deep auth flexibility, abstraction layer, and rapid iteration Daylight Security needed to execute. Their engineering expertise did the rest. Some Descope capabilities that helped Daylight Security make their choice were:

Multi-tenancy with role-based access management: Daylight Security serves security teams with varying permission structures (admins, analysts, contractors, etc.). Using Descope’s robust tenant-aware RBAC functionality, they were able to scope access across both enterprise B2B use cases and their MCP server.

Flows for the entire auth journey: Daylight Security took advantage of Descope Flows, the solution’s workflow builder that abstracts manual coding into a streamlined drag-and-drop layer. Virtually everything runs through Descope Flows: login interfaces, invite links, and user onboarding included. When the team needs to adjust auth logic, they do it in the flow editor and see their changes reflected in real time—no need to touch the codebase.

CI/CD with GitHub Actions: Staging and production environments stay in sync through Descope’s CI/CD template, letting the Daylight Security team test flow changes in isolation before rolling them out to customers in production.

Connectors and audit streaming: Daylight Security routes Descope audit events to Datadog for observability and pushes application-level auth events (login failures, user creation, deletions) to their own webhook backend. This gives them internal visibility into auth health across the customer base without building custom logging infrastructure.

OAuth for their SSO and MCP server: For both their SSO integration and MCP server, Descope acts as the OAuth provider. MCP client registration, scope-based access control, and token lifecycle management (issuance, validation, scope enforcement) for the Daylight Security MCP server are all powered by Descope, freeing up their engineers to focus on the AI layer.

The MCP server’s access controls are inherited from Descope’s RBAC configuration, mapping elegantly across both use cases. A user’s role governs both their standard application access and what questions the MCP server can answer. An admin might get answers pertaining to auth audit logs, but a rank-and-file analyst will be constrained to specific data.

Eldad Rudich, Co-Founder and CTO at Daylight Security, said:

“Managing auth for an MCP server can be complex and time-consuming. The Descope auth and access control layer for MCP is easy to set up and maintain. It lets us securely expose our MCP server to end users with role and scope-based access controls without needing to become experts on the MCP auth spec.”

Security for the agentic era, auth for every scenario

For Daylight Security, implementing Descope delivered tangible outcomes across multiple fronts:

  • Self-sufficient deployment: A lean team of engineers shipped production-ready auth and access control for B2B users and MCP servers (with user RBAC mapping) with minimal external support.

  • Enterprise readiness from the start: OAuth, SSO, and SAML support let Daylight Security onboard enterprise customers without auth becoming a blocker in deals.

  • Agentic infrastructure in place: Descope handles OAuth for the MCP server, providing the crucial identity layer that enables the Daylight Security team to securely expose their AI-powered documentation and data streaming assistant to MCP clients.

  • Responsive support: When issues arise, Descope’s turnaround is fast and effective. Daylight Security knows they can rely on Descope to resolve their concerns by working alongside their team and acknowledging its technical expertise.

Alon Gluzman, Senior Platform Engineer at Daylight Security, said:

“Descope’s support has been solid. When something comes up, we’re not waiting around. Descope comes back with hands-on, comprehensive responses that resolve our issues quickly.”

As Daylight Security continues expanding into new enterprise accounts and developing additional AI-driven security approaches, Descope provides an essential authentication foundation. With Descope delivering secure, flexible identity for their traditional B2B use cases and the agentic interfaces that support their managed security offering, Daylight Security can focus on redefining managed security in the era of AI.


Descope is a flexible drag & drop customer and agentic identity platform that helps organizations easily add authentication, authorization, and identity management to their apps, AI agents, and MCP servers. Customers use us for initiatives such as passwordless authentication, SSO, identity federation, strong MFA, fraud prevention, and agentic identity.
